Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Desktop disappeared -- now slow startup, etc.

tothnews

Posted 16 August 2005 - 07:18 PM

tothnews

New Member

Member

5 posts

This morning, I was running a few apps -- WordPerfect, AOL (yes, I know), and that's about it. I inserted a music CD I have played before. The Windows Media Player came up, and then everything froze. When I retstarted the computer, everything on my desktop was gone with the exception of my custom background image -- I mean, gone, empty, with not even the Start tab visible. I eventually managed to repair Windows. After that, my desktop returned, but my network and other settings were gone, and I couldn't load Norton nor the XP firewall. The last two items struck me as warning bells that I was hacked or hijacked. Anyway, I'm in the process of restoring everything, and you will see below I am currently running a virus scan online before I reboot. I just want to know: Does the list below show evidence of any kind of continuing threat?

I neglected to mention and am just now adding that Windows now starts up even more slowly than it normally does, seemingly sitting there with the welcome screen for what must be at least a minute, if not two. Something running at startup, or is that possibly Windows not knowing what to do because Norton was listed in startup but could not acually run due to registry changes -- or whatever happpened?

I just received this info from the online scan, which deleted this file:

"This malware is a component of a malicious Java archive file (JAR) that resides in a malicious Web site. Machines infected with the malware JS_FORTNIGHT.B are redirected to this Web site. It calls and executes another malware, JAVA_JJBLACK.C, which results in modifications to the browser and registry settings of the infected system. It is Trend Micro's detection for JAVA classes that exploit a known vulnerability in Microsoft Virtual Machine in Windows Operating Systems and Internet Explorer. This flaw allows malicious users to execute codes of his or her choice when a user visits an infected Web site.

So was that my whole problem, and how do I stop it? I have to have Java enabled due to school (distance program). Should I just have my browser prompt me every time it runs?

C:\Explorer.exe: not presentC:\WINDOWS\Explorer\Explorer.exe: not presentC:\WINDOWS\System\Explorer.exe: not presentC:\WINDOWS\System32\Explorer.exe: not presentC:\WINDOWS\Command\Explorer.exe: not presentC:\WINDOWS\Fonts\Explorer.exe: not present

Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only